Privacy policy

Data Protection Declaration for the Richard Bergner Group

Hereinafter referred to as RIBE, we or us

Welcome to our website, we are happy to note your interest in RIBE. We take the protection of your personal data very seriously. We process your data in accordance with the applicable legislation for protecting personal data, in particular the EU General Data Protection Regulation (EU GDPR) and the country-specific implementation law valid for us. By means of this Data Protection Regulation, we inform you comprehensively with regard to the processing of your personal data by RIBE and of your vested rights.

Responsible Body and Data Protection Officer

Richard Bergner Holding GmbH & Co. KG, Bahnhofstraße 8 - 16, D-91126 Schwabach, Germany Internet: www.ribe.de, Tel.: +49 (0) 9122/87-0, E-Mail: info@ribe.de, Fax: +49 (0) 9122/87-1371

Contact to the Data Protection Officer datenschutz@ribe.de

 

1. The purpose and legislative basis for processing personal data, data categories, the origin of data, direct marketing and customer satisfaction surveys

Here, personal data is defined as the information which enables the identification of a natural person. This includes in particular the name, date of birth, address, telephone number, E-mail address, but also your IP address. Anonymous data exists if no personal connection can be made to the user.

1.1 Purposes and legal principles for data processing

When processing your personal data, the regulations of the EU GDPR and all further valid legal data protection-related regulations are adhered to. The legal principles for data processing result in particular from Article 6 of the EU GDPR.

We use your data for initiating business, for the fulfilment of contractual and legislative duties, for implementing the contractual relationship, for offering products and services as well as for strengthening customer relationships, which can also include analyses for marketing purposes and direct advertising.

Your consent is also a legal data protection permission regulation. Here we inform you about the purposes of data processing and of your right of revocation. Should the consent also relate to the processing of special categories of personal data, we will expressly draw your attention to this in the consent.

Processing special categories of personal data within the meaning of Article 9, para. 1 EU GDPR only takes place if this is required due to legislative regulations and no reason exists to assume that your legitimate interest to exclude processing dominates.

1.2 Duty to provide the data

Various personal data is required for reasoning, implementation and termination of the contractual obligation and the fulfilment of the contractual and legislative duties connected with it. The same applies to the use of our website and the different functions which it provides.

We have summarised details regarding this in the above-named item. In certain cases, data must also be collected or provided due to legislative regulations. Please observe that the processing of your inquiry or implementation of the underlying contractual obligation is not possible without the provision of this data.

1.3 Categories, sources and origin of the data

The respective context determines which data we process: this depends, for example, on whether you submit an online order or enter an inquiry in our contact form, whether you send us a job application or submit a claim.

Please observe that we may also provide information for special processing situations extra at the appropriate place, e.g. when we upload job application documents or receive a contact inquiry.


 When our website is visited, we collect and process the following data (log files):

  • Name of the Internet service provider
  • Information about the website from which you visit us
  • Web browser and operating system used
  • The IP address allocated by your Internet service provider
  • Files requested, data quantity transferred, downloads/file exports
  • Information about the websites which you access from our platform including the date and time
  • For technical safety reasons (in particular to protect ourselves against attempted hacking on our Web server), this data is saved in accordance with Article 6, para. 1, letter f of the EU GDPR. After 7 days at the latest, anonymisation  takes place by shortening the IP address, ensuring that no reference can be made to the user.


 Within the scope of a contact inquiry, we collect and process the following data:

  • Surname, first name
  • Contact data
  • Salutation
  • Information regarding wishes and interests


 In case of online job applications, we collect and process the following data:

  • Surname, first name
  • Address
  • Contact data
  • Your documents and job application documents sent online
  • Moreover, we use data which we have legitimately gained from publicly accessible directories (e.g. professional networks).

 

 1.4 Advertising purposes for existing customers (Article 6, para. 1, letter f of the EU GDPR)

RIBE is interested in cultivating the customer relationship with you and providing you with information about our products / services as well as current information. Therefore, we process your data so that we can send you corresponding information and offers by E-mail or post.

If you do not want this, you can disagree to the use of your personal data for direct advertising purposes at all times; this is also valid for profiling in as far as it is connected to the direct advertising. If you enter a contradiction, we will no longer use your data for this purpose.

Contradictions may be made without specification of reasons, free of charge and informally and should, if possible, be directed to +49 (0) 9122/87-1515, via E-mail to datenschutz@ribe.de or by post to Richard Bergner Holding, Datenschutzbeauftragter, Bahnhofstraße 8 – 16, D-91126 Schwabach, Germany.

 

2. Disclosure and recipients of the personal data

2.1 Disclosure to third parties

We will only disclose your data to third parties within the scope of legislative regulations or with your according consent. Otherwise, no disclosure to third parties is made unless we are bound to do so by compulsory legal regulations (disclosure to external authorities such as supervisory authorities or criminal prosecution authorities).

 2.2 Recipients of the data / Recipient categories

Within our company, we ensure that only the persons receive your data who need it for the fulfilment of the contractual and legislative duties.

In several cases, service providers support our specialist departments in the fulfilment of their tasks (other RIBE companies, sales partners, IT service providers, disposal companies, tax consultants and legal advisers). The necessary agreement relating to data protection law has been concluded with all service providers.

2.3 Transfer to third countries / Intent to transfer to third countries

Data transfer to third countries (outside the European Union or the European Economic Area) only takes place if this is prescribed by law for implementing the obligation, is prescribed by law or you have granted us your permission for this.

 

3. Duration of storage of the data
We store your data as long as it is required for the respective processing purpose. Please observe that numerous periods of retention necessitate that data is (must) still be stored. This concerns in particular legal commercial or tax retention duties (e.g. the German Commercial Code, Tax Code, etc.). In as far as no further-reaching retention duties exist, the data is routinely deleted after its purpose has been achieved.

Moreover, we can store data if you have granted us your permission for this or if legal disputes arise and we use evidence within the scope of legal limitation periods which can be of up to thirty years, whereby the normal period of limitation is three years.

 

4. Rights of contradiction

Please observe the following in connection with rights of contradiction:

If we process your personal data for the purpose of direct advertising, you are entitled to contradict this data processing at all times without specifying the reasons. This is also valid for profiling in as far as it is connected to the direct advertising.

If you contradict processing for direct advertising purposes, we will no longer process your personal data for these purposes. Contradiction is free of charge and may be made informally, if possible to: datenschutz@ribe.de

In the event that we process your data to safeguard legitimate interests, you may contradict this processing at all times for reasons arising from your specific situation; this also applies to profiling based on these provisions.

We will then no longer process your personal data unless we can prove compelling legitimate reasons for the processing which override your interests, rights and freedom, or the processing serves the purpose of asserting, exercising or defending legal claims.

 

5. Your rights as a data subject

We would initially like to inform you of your rights as a data subject here. These rights are standardised in Articles 15 - 22 of the EU GDPR. They include:

  • The right of information (Article 15 of the EU GDPR),
  • The right of deletion (Article 17 of the EU GDPR),
  • The right of correction (Article 16 of the EU GDPR),
  • The right of data transferability (Article 20 of the EU GDPR),
  • The right of limitation of data processing (Article 18 of the EU GDPR),
  • Contradiction law against data processing (Article 21 of the EU GDPR).

To assert these rights, please refer to: datenschutz@ribe.de. This is also valid if you have questions regarding data processing within our company. Moreover, you are entitled to appeal to a data protection supervisory authority.

 

6. Safe transfer of your data

In order to protect the data we store as well as possible against accidental or deliberate manipulation, loss, destruction or access by unauthorised persons, we deploy corresponding technical and organisational safety measures. The safety levels are constantly checked jointly with safety experts and adapted to new safety standards.

Data exchange from and to our website is always encrypted. The transfer protocol we offer for our Web presence is HTTPS, respectively using the current encryption protocols. Moreover, we offer our users content encryption within the scope of the contact forms. Only we can decrypt this data. Moreover, the option to use alternative communication routes is provided (e.g. post).

 

7. Contact form / Making contact by E-mail (Article 6, para. 1 letters a & b EU GDPR)

A contact form which can be used for making electronic contact is provided on our website. If you write to us via the contact form, we process the data you provide within the scope of the contact form and answer your questions and wishes.

Here, the principle of data economy and data avoidance is observed, meaning that you only need to provide the data which we absolutely need regarding your contact. This is your E-mail address and the message field itself. Moreover, as a technical necessity and for legal security, your IP address is processed. All remaining data is entered into voluntary fields and can be provided optionally (e.g. for a more individual response to your questions).

In as far as you contact us via E-mail, we will process the personal details contained in the E-mail only for the purpose of processing your inquiry. If you do not use the forms offered for contacting us, no additional data collection takes place.

 

8. Job applicants’ portal (Article 6, para. 1 letters a & b EU GDPR)

We are happy to note your interest in working for RIBE. We are aware of the importance of your data and only process the personal data provided within the scope of the job application form for the purpose of effective and correct handling of the job application process and for making contact during the course of the job application process. No data is passed on to third parties without your permission.

You are requested to provide personal data within the scope of the job application form. Here, we observe the principle of data economy and data avoidance as you only have to provide us with data which we need to fully check your job application documents such as your CV or data which we are bound to collect by law. This mandatory information is marked with a * (star). Moreover, as a technical necessity and for legal security, your IP address is processed.

Unfortunately, we cannot check your job application documents without this data, therefore our job application system does not allow uploading of the job application documents in this case. Naturally, you have the opportunity to provide voluntary information on the job application form.

In order to protect the safety and confidentiality of your data as well as possible, we implement corresponding safety measures. Your job application documents are transferred to us encrypted via our job application system.

We save your data for the above-named purposes until the job application process is concluded and deadlines relating to it have expired - at the latest six months after receipt of a decision. However, you have the option that we save your job application documents longer and and compare them with vacant jobs corresponding to your profile. We require your written agreement to this. In this case, we save your data for 12 months. You can naturally withdraw your agreement effectively for the future at all times without specification of reasons under +49 (0) 9122/87-1515, via E-mail to datenschutz@ribe.de or by post to Richard Bergner Holding, Datenschutzbeauftragter, Bahnhofstraße 8 – 16, D-91126 Schwabach, Germany.

 

9. Cookies (Article 6, para. 1, letter f of the EU GDPR)

Our Internet pages use so-called cookies in several places. They serve to make our offer more user-friendly, effective and secure. Cookies are small text files which are stored on your computer and saved (locally on your hard disk) by your browser. These cookies enable us to analyse how users use our websites, therefore, enabling us to design the website contents in accordance with the visitors’ requirements.

Most of the cookies we use as so-called “session cookies”. They are deleted automatically after your visit.

Most Web browsers accept cookies automatically. However, you can also normally change your browser settings if you prefer not to transmit the information. Nonetheless, you can use our website offers without restrictions (except the configurators).

We use cookies to make our offer more user-friendly, effective and secure.

Cookies are saved on the user’s computer and transmitted from there to our website. Therefore, you also retain full control of the use of cookies. If you change your Internet browser settings, you can deactivate or activate the transmission of cookies. Furthermore, the Internet browser and other software programs can be used at all times to delete cookies which have already been set. This is possible with all common Internet browsers.

Please observe: if you deactivate cookie settings, it is possible that not all of the functions on our Internet page can be fully used.

 

10. Data Protection Declaration / Information regarding data protection in social media from Richard Bergner Holding GmbH & Co. KG, hereinafter referred to as RIBE

RIBE is presented in the “social media”, currently on Instagram and XING. In as far as we control the processing of your data, we ensure that the valid data protection regulations are adhered to.

The most important information for our presence regarding data protection law can be found below.

10.1 Name and address of the person responsible for operation

In addition to RIBE, as the operator of the Instagram platform, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, is also responsible for the company's presence and other data protection regulations within the meaning of the EU General Data Protection Regulation (EU GDPR).

The necessary agreement relating to data protection law was concluded with Facebook.

New Work SE, Dammtorstraße 30, D-20254 Hamburg, Germany, is responsible for the XING presence under the mantle of the EU General Data Protection Regulation.

However, we draw your attention to the fact that you use the platforms and their functions at your own responsibility. This is in particular true for the use of interactive functions (e.g. commenting, sharing and evaluating).

Furthermore, we draw your attention to the fact that your data here can be processed outside the area of the European Union.

10.2 Purpose and legal principles

We maintain the fan page or presentation platform ourselves, enabling communication with the visitors to these pages and informing them of our offers by this means.

Moreover, we collect data for statistical purposes in order to continue developing and optimising the contents and to design our offer more attractively. The data required for this (e.g. total number of pages accessed, page activity and data provided by the visitors, interaction) is prepared by the social networks and provided to us. We cannot influence its generation and presentation.

Moreover, your personal data is processed for market research and advertising purposes by the social media providers, but also by RIBE. Therefore, it is possible that, for example as a result of your use behaviour and resulting interests, use profiles are prepared. As a result, adverts can also be placed within and outside the platforms which likely match your interests. For this, cookies are normally saved on your end device. Independent of this, data not directly collected from your end devices can also be saved in your user profiles. Storage and analysis also takes place across devices, this is in particular true if you are registered as a member and logged on to the respective platforms.

RIBE processes your personal data based on our justified interests in effective information and communication according to Article 6, para. 1, letter f of the EU GDPR.

If you are requested to grant consent for data processing, i.e. if you declare your agreement by confirming a button or similar (opt-in), the legal basis for processing is Article 6, para. 1, sentence 1, letter a of Article 7 of the EU GDPR.

10.3 Your rights / Contradiction option

If you are a member of a social network and do not wish that the network collects data about our presence via you and links your saved membership data to the respective network, you must

-    log out of the respective network before visiting our fan/presentation page,
-    delete the cookies on your device and
-    close your browser and then re-start it.

However, after renewed registration you are again recognisable as a specific user (m/f/x).

For a detailed depiction of the respective processing and the contradiction options (opt-out), we refer to the following linked information:

Instagram
Data Protection Declaration
https://help.instagram.com/519522125107875
Opt-out:
https://optout.networkadvertising.org/?c=1 or
https://www.youronlinechoices.com/

XING
Data Protection Declaration
https://privacy.xing.com/de/datenschutzerklaerung
Opt-out:
https://www.youronlinechoices.com

In total, you appertain to the following rights relating to the processing of your personal data: right of information, right of correction, right of deletion, right of restriction of processing, right of contradiction, right of data transferability, right of complaint regarding illegal processing of your personal data at the responsible data protection authority.

However, as RIBE has no full access to your personal data, you should revert directly to the social media providers when asserting claims as they have respective access to their users’ personal data, can take according measures and provide information.

Should you nevertheless need help, we will naturally try to support you. Please refer to datenschutz@ribe.de.

 

11. Further information

11.1 Information regarding author’s rights and author’s art rights
Should you wish to publish pictures, texts, plans, videos, music, etc. on our website, you should be aware of the fact that you possibly assign all use rights to the network with them, which finally could have legal consequence for you if you are not the originator or owner of the rights yourself.

11.2 Automated case-by-case decisions

We do not use any fully automated processing steps for effecting a decision.

11.3 Online offers for children

The protection and personal privacy of children is a special concern for us. Therefore we neither collect, process nor use any information from persons from whom we know that they are younger than 14 if not connected with school measures. Persons under 16 may not transfer any personal data to us or submit a declaration of consent without the consent of their legal guardian. We would like to request parents and legal guardians to participate actively in their children’s online activities and interests. If any verification of proof of age for youth protection / data protection for children, e.g. for apps is made, explain it here or refer to an independent link.

11.4 Links to other suppliers

Our website also contains - easily recognisable - links to other companies’ Internet presences. In as far as links to other providers’ websites exist, we cannot exercise any influence on their contents. Therefore, no guarantee and liability can be assumed for these contents. The respective provider or operator is always responsible for the contents of these sites.

Linked sites have been checked for possible legal violations and recognisable legal infringements when the link was created. Illegal contents could not be recognised when the link was created. However, permanent control of the linked sites is not reasonable if no concrete indications of a legal violation exist. Should legal violations become known, such links are removed without delay.